Array

Data protection risks

Must Read

Strayer University can be your best option

Strayer University is a private school in the United States. The university is in Arlington Virginia. There are 43...

Get Your Banker to His Knees – Refinance Your Mortgage

Are you tired from all those bank envelopes chasing you around the house? Seeing your dull bank clerk smiling...

Accidents Do Happen But Experts Have To Be Involved At Times

The road is an extremely dangerous place so it is no wonder then that many clashes, by cars or...

File System Access

Just as in the desktop version of Adobe AIR, AIR on Android gives you access to the file system....

Marketing Guide for people selling their homes themselves (For Sale by Owner)

The internet has in fact revolutionized the real estate business in many ways than one. While it is a...

Hit and Run: Criminal Accidents in Los Angeles

There are many ways for an otherwise law-abiding citizen to get in criminal trouble in a city the size...
Admin
test

If a security breach results in sensitive customer details being stolen your business may be prosecuted by national authorities, penalized by standards bodies or sued by your customers. In the UK the Information Commissioner’s Office is using existing laws such as the Data Protection Act to take action against offending organizations if any security breaches are shown to be due to inadequate controls. And, in the financial industry, regulations and standards are being imposed on organizations compelling them to use effective security controls, and in some cases specifying the type of controls to use. For example, the Payment Card Industry Data Security Standards (PCI DSS) specify two-factor authentication ‘for remote access for all employees, administrators, and third parties’.

The main questions that need to be answered by organizations that have to comply with data protection regulations are:

  • What information is stored on a system?
  • Where is the information stored?
  • Who can access the system?
  • What can they access?
  • Is the access appropriate?

Now, cloud computing providers can certainly tell you what information is stored on their systems, but where the information is stored is less certain because of the distributed and virtualized nature of public clouds. If this is an issue you will have to ensure that the provider you use is able and willing to work with you to provide, and prove, any data location restrictions you may have. As for the ‘who’, ‘what’ and ‘why’ questions about system access, in order to comply with data protection regulations, you may have to find out who the system and application administrators are; how they access the systems; and the policies that dictate how administrative security permissions are granted. The provider may also need to prove they can provide you with an audit trail based on detailed system access logs, if required.

As a minimum precaution, if your business has personal data records that are stored and moved around public clouds that cross international boundaries then you should ensure that your cloud provider – and any country where your data may be stored – adheres to the data protection principles contained in the Safe Harbour arrangement between the European Commission and the US Department of Commerce (http://epic.org/privacy/intl/EP_SH_resolution_0700.html).

At the dawn of the cloud computing era there were very few public cloud solutions that offered this level of data protection, but as the technologies mature they may become more standards-compliant. In the meantime you may have
to rely on the wording in service contracts to assist you with cloud compliance.

Previous articleExternal security risks
Next articleCloud outages

Latest News

Digital Marketing for Beginners

Digital marketing for starter, Let to basic learning about connecting with your audience in the right place at the...

What are 7 things poor people do that the rich don’t?

1. poor people watch TV in which people read books how many hours you spend in front of the TV and when was the...

Top 18 best small business ideas for beginners starting

A small business can be frightening and requires plenty of careful planning there are many small business ideas which can be beneficial as well...

Summer that makes you happy

We saw were already here I've been thinking about some of the things. I used to do with my husband even though he had...

4 Point to helpful tips specifically for caregivers

What you need to take a vacation. I know it sounds impossible creative and try to make it work for you almost everyone needs...

More Articles Like This